<?php
//standard validation
include_once("Form/FormValidation.php");
$validator = new FormValidation();
$validator->validateForm('fdf/frmNewAccount.xml');

//make sure emails match
if($_POST['txtEmail']<>$_POST['txtConfirmEmail']) {
	header("Location: index.php?action=new&error=email");
	exit();
}

//make sure username and email isn't taken
include_once("Accounts.config.php");
global $DB;
$DB->query("select username from users where username ='" . $_POST['txtUsername'] . "' or email='" . $_POST['txtEmail'] ."'");
if($row = $DB->fetch_row()) {
	header("Location: index.php?action=new&error=username");
	exit();
}

//set the fields for new user creation
$userFields['firstname'] = $_POST['txtFirstName'];
$userFields['lastname'] = $_POST['txtLastName'];
$userFields['email'] = $_POST['txtEmail'];
$userFields['username'] = $_POST['txtUsername'];

//create the user
include_once("Identity/User.php");
$user = new user;
$new_temp_password = $user->createUser($userFields);

if(trim($new_temp_password)=="") {
	header("Location: index.php?action=new&error=temppass");
	exit();
}

//email the user
include_once("Security/SingleSignOn.php");
$SSO = new SingleSignOn;
$SSO->sendTemporaryPasswordEmail($_POST['txtUsername'],$new_temp_password,$_POST['txtEmail'],$_POST['txtFirstName'] . " " . $_POST['txtLastName']);

//redirect to the success page
header("Location: index.php?action=newSuccess&email={$_POST['txtEmail']}");
?>